Security Basics mailing list archives

RES: HIDS recommendations

From: "Eduardo Sanches" <sude () uol com br>
Date: Thu, 11 Sep 2003 16:37:24 -0300

Hi Tom,

I like ISS Server Sensor, it works fine and if you want you can correlate
informations from HIDS, NIDS and vulnerability assessment software from ISS
in a centralized console. Take a look at www.iss.net

.(edu

-----Mensagem original-----
De: Tom Dominico, Jr. [mailto:tdominico () kermantel net]
Enviada em: quinta-feira, 11 de setembro de 2003 13:28
Para: security-basics () securityfocus com
Assunto: HIDS recommendations


I am interested in using a host-based IDS for a few of our servers that
face the Internet and are most vulnerable.  The only product I am even
slightly familiar with is Tripwire, which apparently comes in free and
non-free variants.  I am interested in your experiences and
recommendations.  Eventually I would like to team this up with some sort
of NIDS, but that's a fairly large undertaking, from what I've gathered.
I thought that it might be easier to start off with HIDS.  My servers
are currently Windows-based, but there will most likely be a Linux or
BSD box in the mix very shortly.  They run basic services such as web,
mail, etc.  Any thoughts?  Thanks.

Tom Dominico


---------------------------------------------------------------------------
Captus Networks
Are you prepared for the next Sobig & Blaster?
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
 - Precisely Define and Implement Network Security
 - Automatically Control P2P, IM and Spam Traffic
FIND OUT NOW -  FREE Vulnerability Assessment Toolkit
http://www.captusnetworks.com/ads/42.htm
----------------------------------------------------------------------------


---------------------------------------------------------------------------
Captus Networks 
Are you prepared for the next Sobig & Blaster? 
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans 
 - Precisely Define and Implement Network Security 
 - Automatically Control P2P, IM and Spam Traffic 
FIND OUT NOW -  FREE Vulnerability Assessment Toolkit 
http://www.captusnetworks.com/ads/42.htm
----------------------------------------------------------------------------

Current thread:

HIDS recommendations Tom Dominico, Jr. (Sep 11)
- RES: HIDS recommendations Eduardo Sanches (Sep 11)
- Re: HIDS recommendations Jimi Thompson (Sep 12)
  - RE: HIDS recommendations David Gillett (Sep 12)
- <Possible follow-ups>
- RE: HIDS recommendations Megan Golding (Sep 12)